200-201 VOL3 Question

About This Presentation

Title:

Description:

Number of Views:4

Slides: 8

Provided by: roseevans1

Category: How To, Education & Training

Tags:

more less

Transcript and Presenter's Notes

Title: 200-201 VOL3 Question

1

200-201 Understanding Cisco Cybersecurity
Operations Fundamentals (CBROPS) VOL3
QUESTION NO 1
Deep packet inspection offers the functionality
to inspect data at which of the following OSI
layers?
Layer 3 and 4
Layers 2-5
Layers 1-7
Layer 2-7
Answer D

QUESTION NO 3
Which of the following fields can be found in a
TCP header that are not included in a UDP header?
(Select three)
Source Port
Destination Port
Checksum
Sequence number
Acknowledgement number
Urgent pointer
Answer D, E, F

QUESTION NO 4
2

Which of the following fields can be found in a
UDP header that are not included in a TCP header?
Length
Source port
Destination Port
Flags
Checksum
Answer A

QUESTION NO 5
The use of regular expressions is supported by
Cisco when used to filter or search through the
output of a command. When using regular
expressions, what does the signify?
Start of string
End of string
0 or more instances that match
1 or more instances that match
Answer B

QUESTION NO 6
Which of the following terms best describes the
process of confirming a file that is downloaded
from the Internet is not corrupted or modified
using a verifiable checksum?
Digital signature
Certificates
Public and Private keys
Hashing
Answer D

QUESTION NO 7
According to the NIST Special Publication 800-61
document for the Computer Security
Incident Handling Guide, what are the four
elements of the Incident Response Life Cycle?
(Select Four)
Pre-Incident Activity
Preparation
Mitigation

QUESTION NO 8
According to NIST SP800-61, which component of
the security Incident Response Life Cycle
includes tasks such as creating a follow up
report and holding a lessons learned meeting?
Preparation
Containment, Eradication, and Recovery
Post-Incident Activity
Detection and Analysis
Recovery
Answer C

QUESTION NO 10
You are following a cybersecurity adversary by
studying its methods based on its infrastructure,
capabilities, and past victims. Which of the
following models does this describe?
The Diamond Model of Intrusion model
The Cyber Kill Chain model
PSI

4
D. PII E. PHI Answer A

QUESTION NO 11
You are part of a network security team and you
are facing challenges to identify a host (victim
or attacker). What tool would you select from the
options below to solve this issue in your
network.
SMTP
VPN
Stealthwatch
Certificates
Answer C

QUESTION NO 12
Encryption is considered to be a boon for network
communications however it poses numerous
challenges when it comes to network monitoring.
Select all the correct answers from the below
options.
Certificate is used for encryption and
decryption.
Attackers may use encryption as a method of
evasion and obfuscation.
Encryption is not recommended in enterprise
networks as it consumes more resources than
plain text communication.
Pre-shared-Keys are more secure than Encryption.
Answer A, B

QUESTION NO 13
Select the Cisco technology from the below
options that allows you to detect malicious
activities even if the communication is
encrypted?
Cisco AMP
Cognitive Threat Analysis
Cisco Anyconnect
Cisco ISR Routers
Answer B

QUESTION NO 14
Why is NTP important in an Enterprise network?
Select the right answer from the below options.
It helps in resolving the DNS queries.
Multiple NTP servers are configured in the
network to individually assign a NTP server for
each networking device.
All network devices have their own clocks hence
NTP servers are not needed.
It keeps the date and time synchronized among
network security devices.
Answer D

QUESTION NO 15
As a network security administrator, you are
facing issues with the IP Fragmentation attacks.
Select various IP fragmentation attacks from the
below option. (Choose two)
TCP Handshake
UDP flooding
TCP fragmentation DDoS
Host Escalation
Answer B, C

QUESTION NO 16
As a Network Security administrator, you come
across an IP Fragmentation attack. Select the
best solution from the below options to mitigate
the attack.
Block all non-initial fragments
Use rate-limiting
Disconnect the device to avoid the attack
Whitelist specific servers and use rate limiting
for rest
Answer D

QUESTION NO 17
6

As a Network Security Administrator, you came to
know of a known vulnerability in Cisco IOS that
may be affecting multiple network devices in your
network. Which data base will you check to
capture more information about the vulnerability?
FIRST
NVD
CVE
VULDB Answer B

QUESTION NO 18
You are deploying Cisco Email Security in clients
environment. Select the correct OS that is run
on the Email Security Appliances.
IOS
IOS-XE
AsyncOS
NX-OS
Answer C

QUESTION NO 19
Select the correct statement from the below
options regarding traditional Information
Security Cybersecurity.
Traditional Information security is focused on sec
uring applications whereas Cybersecurity focuses
on Confidentiality, Integrity Availability of
data.
Traditional Information security is focused on
Confidentiality, Integrity Availability of
data whereas Cybersecurity focuses on preventing,
detecting and responding to attacks.
Traditional Information security is considered
more secure while handling ongoing threats.
Tradition Security concepts are preferred by
enterprise customers over Cybersecurity.
Answer B